This website uses cookies. By clicking Accept, you consent to the use of cookies. Click Here to learn more about how we use cookies.
Accept
Reject
Register Now
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
NetWitness Platform Product Advisories
Read and subscribe to the latest announcements and advisories relating to the NetWitness Platform.
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 

Netwitness recommend to Upgrade 11.7 windows endpoint agents to 11.7.1.2.

 

Summary

Netwitness has identified an issue with the Netwitness Endpoint Windows Agent 11.7 that can potentially cause high CPU utilization on the Endpoint machines when a suspicious thread is detected. This is isolated only to Windows agent and does not affect Linux or MacOS agents.

Affected Platforms

Netwitness Endpoint Agent 11.7

Recommendation

Upgrade Windows Endpoint agents to 11.7.1.2  

An updated advisory will be published soon outlining further details on upgrading to the 11.7.1.2 release.

If you are still on 11.7.X and some reason cannot upgrade to the latest release then as a workaround, apply the following advance setting in the Agent Endpoint (EDR) policy to disable the suspicious thread detection.

{

"trackingConfig": {

                 "sentinelConfigOverride": true,

                 "sentinelConfigValue":891

                 }

}

 

For additional documentation for groups and policy, downloads, and more, visit the RSA NetWitness Platform page on RSA Link.

 

Labels (2)
Was this article helpful? Yes No
No ratings

In this article

Version history
Last update:
‎2022-08-23 09:22 AM
Updated by:
Moderator Moderator

Related Content

© 2022 RSA Security LLC or its affiliates. All rights reserved.